mirror of
1
Fork 0
forgejo/routers/web/auth
M Hickford afebbf29a9
Require authentication for OAuth token refresh (#21421)
According to the OAuth spec
https://datatracker.ietf.org/doc/html/rfc6749#section-6 when "Refreshing
an Access Token"

> The authorization server MUST ... require client authentication for
confidential clients


Fixes #21418

Co-authored-by: Gusted <williamzijl7@hotmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-10-23 13:28:46 +08:00
..
2fa.go Refactor auth package (#17962) 2022-01-02 21:12:35 +08:00
auth.go Suppress `ExternalLoginUserNotExist` error (#21504) 2022-10-19 20:07:21 +01:00
linkaccount.go Add support mCaptcha as captcha provider (#20458) 2022-08-10 15:20:10 +02:00
main_test.go Use a struct as test options (#19393) 2022-04-14 21:58:21 +08:00
oauth.go Require authentication for OAuth token refresh (#21421) 2022-10-23 13:28:46 +08:00
oauth_test.go Refactor AssertExistsAndLoadBean to use generics (#20797) 2022-08-16 10:22:25 +08:00
openid.go Add support mCaptcha as captcha provider (#20458) 2022-08-10 15:20:10 +02:00
password.go Make better use of i18n (#20096) 2022-06-26 22:19:22 +08:00
webauthn.go WebAuthn CredentialID field needs to be increased in size (#20530) 2022-07-30 15:25:26 +02:00